Openclaw
CVE-2026-32014
HIGH
Severity by source
AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
3Blast Radius
ecosystem impact- 2 npm packages depend on openclaw (2 direct, 0 indirect)
Ecosystem-wide dependent count for version 2026.2.26.
DescriptionCVE.org
OpenClaw versions prior to 2026.2.26 contain a metadata spoofing vulnerability where reconnect platform and deviceFamily fields are accepted from the client without being bound into the device-auth signature. An attacker with a paired node identity on the trusted network can spoof reconnect metadata to bypass platform-based node command policies and gain access to restricted commands.
AnalysisAI
A metadata spoofing vulnerability in OpenClaw allows attackers with paired node identities on the trusted network to bypass platform-based node command policies by manipulating unsigned reconnect platform and deviceFamily fields. This authentication bypass vulnerability affects OpenClaw versions prior to 2026.2.26 and enables unauthorized access to restricted commands with high impact on confidentiality, integrity, and availability (CVSS 8.0). No active exploitation has been reported in KEV and EPSS data is not available, but the vulnerability has been publicly disclosed with patches available.
Technical ContextAI
OpenClaw is affected by CWE-290 (Authentication Bypass by Spoofing), where the reconnect platform and deviceFamily metadata fields are accepted from clients without being cryptographically bound to the device authentication signature. This allows attackers to forge metadata during the reconnection process, effectively impersonating different platform types to circumvent access control policies that rely on platform identification. The vulnerability stems from improper validation of client-supplied metadata that should have been included in the authentication signature to ensure integrity and prevent tampering.
RemediationAI
Upgrade OpenClaw to version 2026.2.26 or later, which includes the fix implemented in commit 7d8aeaaf06e2e616545d2c2cec7fa27f36b59b6a. The patch binds platform and deviceFamily fields into the device authentication signature, preventing spoofing attacks. Until patching is possible, implement network segmentation to limit which nodes can establish paired connections, monitor for suspicious reconnection patterns with mismatched platform metadata, and review node command policies to ensure defense-in-depth beyond platform-based restrictions. Refer to the vendor security advisory at https://github.com/openclaw/openclaw/security/advisories/GHSA-r65x-2hqr-j5hf for detailed guidance.
Auth bypass in OpenClaw voice-call extension before 2026.2.1. EPSS 0.68%. PoC and patch available.
Privilege escalation in OpenClaw (pre-2026.3.28) allows unauthenticated remote attackers to gain administrative access b
OpenClaw versions 2026.2.22 through 2026.2.24 contain a privilege escalation vulnerability that allows authenticated att
An authorization mismatch vulnerability in OpenClaw versions prior to 2026.3.1 allows authenticated users with operator.
OpenClaw versions prior to 2026.1.29 automatically establish WebSocket connections to attacker-controlled gateway URLs e
Path traversal in OpenClaw through version 2026.3.23 enables unauthenticated remote attackers to read arbitrary files in
OpenClaw sandbox browser functionality launches x11vnc for noVNC observer sessions without requiring authentication, all
OpenClaw versions before 2026.2.26 allow authenticated attackers to write arbitrary files outside the workspace director
OpenClaw versions prior to 2026.2.22 contain a shell environment variable injection vulnerability in the system.run func
OpenClaw versions prior to 2026.2.22 contain a resource exhaustion vulnerability where the application fails to consiste
OpenClaw versions prior to 2026.3.1 contain a sandbox escape vulnerability that allows authenticated attackers with low
OpenClaw versions 2026.1.30 and below fail to validate Telegram webhook secret tokens when `channels.telegram.webhookSec
Same weakness CWE-290 – Authentication Bypass by Spoofing
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-r65x-2hqr-j5hf